Volume 14, Number 6

RTL-DL: A Hybrid Deep Learning Framework for DDoS Attack Detection in a Big Data Environment

  Authors

Hassan A Afolabi and Abdurazzag A Aburas, University of Kwazulu-Natal South Africa

  Abstract

A distributed denial of service (DDoS) attack is one of the most common cyber threats to the Internet of Things (IoT). Several deep learning (DL) techniques have been utilized in intrusion detection systems to prevent DDoS attacks. However, their performance is greatly affected by a large class imbalance nature of the training datasets as well as the presence of redundant and irrelevant features in them. This study proposes RTL-DL, a new framework for an effective intrusion detection model based on the random oversampling technique and the Tomek-Links sampling technique (RTL), to minimize the effects of data imbalance in the CICIDS2017 dataset used to evaluate the proposed model. This study achieved 98.3% accuracy, 98.8% precision, 98.3% recall, 97.8% f-score, and 4.6% hamming loss. In comparison to current approaches, the suggested model has demonstrated promising results in identifying network threats in imbalanced data sets.

  Keywords

Random oversampling, Tomek Links, Internet of things, Imbalanced data, Distributed denial of service, Intrusion detection, Deep Learning and Feature extraction.